- 下载安装helm
wget https://get.helm.sh/helm-v3.5.4-linux-amd64.tar.gz
tar -zxvf helm-v3.5.4-linux-amd64.tar.gz
mv linux-amd64/helm /usr/local/bin/helm
2.创建一个chart
helm create helm-test
tree
.
└── helm-test
├── charts # 依赖文件
├── Chart.yaml # 这个chart的版本信息
├── templates # 模板
│ ├── deployment.yaml
│ ├── _helpers.tpl # 自定义的模板或者函数
│ ├── hpa.yaml
│ ├── ingress.yaml
│ ├── NOTES.txt #这个chart的信息
│ ├── serviceaccount.yaml
│ ├── service.yaml
│ └── tests
│ └── test-connection.yaml
└── values.yaml #配置全局变量或者一些参数
helm基本使用方法
#查看已安装项目
helm list
#查看镜像源
helm repo list
#添加镜像源
helm repo add REPONAME URL
#查询一个项目
helm search repo kafka
#拉取项目
helm pull bitnami/kafka
# --dry-run 模拟安装
helm install test --dry-run .
# --set 修改values里面的值
helm install helm-test2 --set fullnameOverride=aaaaaaa --dry-run .
#删除项目
helm uninstall rabbitmq-cluster -n public-service
#升级项目
helm upgrade rabbitmq-cluster -n public-service .
基本语法
include:引入的函数或者模板,_helpers.tpl
define:定义一个模板,
trunc:只取前多少位字符,负号代表从后往前取
trimSuffix: 字符串末尾去掉指定的字符,Prefix
$name := xxx 定义一个变量
default: 定义的变量的默认值
contains: 判断字符串是否包含某个字符串
replace: 替换字符串
常用函数:http://masterminds.github.io/sprig/strings.html
案例
使用helm创建rabbit集群
创建项目
helm create rabbitmq-cluster
cd rabbitmq-cluster/templates/
rm -rf ./!(_helpers.tpl|NOTES.txt)
vim rabbitmq-cluster-ss.yaml
kind: StatefulSet
apiVersion: apps/v1
metadata:
{{- if.Values.labels }} # - 去除前面的空行
labels:
{{- with .Values.labels}} # with改变上下文,使下边的 . 代表with后所写内容的资源
{{- toYaml . | nindent 4}} # . 代表.Values.labels下边所有资源,toYaml转换成yaml格式,nindent 在本行前面添加空格
{{- end }}
{{- else }}
labels:
{{- include "rabbitmq-cluster.labels" . | nindent 4}} # include导入_helpers.tpl文件中的模板或函数
{{- end }}
name: {{ .Release.Name }} # Release.Name 是安装项目时 helm install rmq-test --dry-run . 中的rmq-test
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
{{- with .Values.labels}}
{{- toYaml . | nindent 6}}
{{- end }}
serviceName: {{ .Values.service.headless.name }}
template:
metadata:
labels:
{{- with .Values.labels}}
{{- toYaml . | nindent 8}}
{{- end }}
spec:
s:
- args:
- -c
- cp -v /etc/rabbitmq/rabbitmq.conf ${RABBITMQ_CONFIG_FILE}; exec docker-entrypoint.sh
rabbitmq-server
command:
- sh
env:
- name: RABBITMQ_DEFAULT_USER
valueFrom:
secretKeyRef:
key: username
name: {{ .Values.secret.name }}
- name: RABBITMQ_DEFAULT_PASS
valueFrom:
secretKeyRef:
key: password
name: {{ .Values.secret.name }}
- name: RABBITMQ_ERLANG_COOKIE
valueFrom:
secretKeyRef:
key: cookie
name: {{ .Values.secret.name }}
- name: K8S_SERVICE_NAME
value: {{ .Values.service.headless.name }}
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
- name: RABBITMQ_USE_LONGNAME
value: "true"
- name: RABBITMQ_NODENAME
value: rabbit@$(POD_NAME).{{ .Values.service.headless.name }}.$(POD_NAMESPACE).svc.cluster.local
- name: RABBITMQ_CONFIG_FILE
value: /var/lib/rabbitmq/rabbitmq.conf
image: {{ .Values.image.repository }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
livenessProbe:
exec:
command:
- rabbitmqctl
- status
initialDelaySeconds: 30
timeoutSeconds: 10
name: rabbitmq
ports:
-Port: 15672
name: http
protocol: TCP
-Port: 5672
name: amqp
protocol: TCP
readinessProbe:
exec:
command:
- rabbitmqctl
- status
initialDelaySeconds: 10
timeoutSeconds: 10
volumeMounts:
- mountPath: /etc/rabbitmq
name: config-volume
readOnly: false
- mountPath: /var/lib/rabbitmq
name: rabbitmq-storage
readOnly: false
serviceAccountName: {{ .Values.serviceAccount.name }}
terminationGracePeriodSeconds: 30
volumes:
- configMap:
items:
- key: rabbitmq.conf
path: rabbitmq.conf
- key: enabled_plugins
path: enabled_plugins
name: {{ .Values.configmap.name }}
name: config-volume
{{- if .Values.storage.storageClass.use }}
volumeClaimTemplates:
- metadata:
name: rabbitmq-storage
spec:
accessModes:
{{- with .Values.storage.storageClass.accessModes }}
{{- toYaml . | nindent 8}}
{{- end }}
storageClassName: {{ .Values.storage.storageClass.name}}
resources:
requests:
storage: {{ .Values.storage.storageClass.storage }}
{{- else }}
- name: rabbitmq-storage
emptyDir: {}
{{- end }}
vim rabbitmq-configmap.yaml
kind: ConfigMap
apiVersion: v1
metadata:
name: {{ .Values.configmap.name }}
labels:
addonmanager.kubernetes.io/mode: Reconcile
data:
enabled_plugins: |
[rabbitmq_management,rabbitmq_peer_discovery_k8s].
rabbitmq.conf: |
loopback_users.guest = false
default_user = {{ .Values.username }}
default_pass = {{ .Values.password }}
## Clustering
cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s
cluster_formation.k8s.host = kubernetes.default.svc.cluster.local
cluster_formation.k8s.address_type = hostname
#################################################
# public-service is rabbitmq-cluster's namespace#
#################################################
cluster_formation.k8s.hostname_suffix = .{{ .Values.service.headless.name }}.{{ .Release.Namespace }}.svc.cluster.local #Release.Namespace创建项目时指定的命名空间
cluster_formation.node_cleanup.interval = 10
cluster_formation.node_cleanup.only_log_warning = true
cluster_partition_handling = autoheal
## queue master locator
queue_master_locator=min-masters
vim rabbitmq-rbac.yaml
{{- if .Values.serviceAccount.create }}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ .Values.serviceAccount.name }}
{{- end }}
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: rmq-cluster
rules:
- apiGroups:
- ""
resources:
- endpoints
verbs:
- get
---
kind: RoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: rmq-cluster
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: Role
name: rmq-cluster
subjects:
- kind: ServiceAccount
name: {{ .Values.serviceAccount.name }}
namespace: {{ .Release.Namespace }}
vim rabbitmq-secret.yaml
kind: Secret
apiVersion: v1
metadata:
name: {{ .Values.secret.name }}
stringData:
cookie: ERLANG_COOKIE
password: {{ .Values.password }}
username: {{ .Values.username }}
url: amqp://{{- .Values.username -}}:{{- .Values.password -}}@{{- .Values.service.loadbalancer.name }}
type: Opaque
vim rabbitmq-service.yaml
kind: Service
apiVersion: v1
metadata:
labels:
{{- with .Values.labels}}
{{- toYaml . | nindent 4}}
{{- end }}
name: {{ .Values.service.headless.name }}
spec:
clusterIP: None
ports:
- name: amqp
port: 5672
targetPort: 5672
selector:
{{- with .Values.labels}}
{{- toYaml . | nindent 4}}
{{- end }}
---
kind: Service
apiVersion: v1
metadata:
labels:
app: rmq-cluster
type: LoadBalancer
name: {{ .Values.service.loadbalancer.name }}
spec:
ports:
- name: http
port: 15672
protocol: TCP
targetPort: 15672
- name: amqp
port: 5672
protocol: TCP
targetPort: 5672
selector:
{{- with .Values.labels}}
{{- toYaml . | nindent 4}}
{{- end }}
type: {{ .Values.service.loadbalancer.type }}
修改values.yaml
cd ..
vim values.yaml
# Default values for rabbitmq-cluster.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
labels:
app: rabbitmq-cluster
helm: "true"
replicaCount: 3
image:
repository: registry.cn-beijing.aliyuncs.com/dotbalo/rabbitmq:3.7-management
pullPolicy: IfNotPresent
# Overrides the image tag whose default is the chart appVersion.
tag: ""
configmap:
name: rabbitmq-configmap
secret:
name: rabbitmq-secret
username: RABBITMQ_USER
password: RABBITMQ_PASS
storage:
emptyDir: true
storageClass:
use: false
name: test-sc
storage: 1Gi
accessModes:
- ReadWriteOnce
imagePullSecrets: []
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: rmq-cluster
podAnnotations: {}
podSecurityContext: {}
# fsGroup: 2000
securityContext: {}
# capabilities:
# drop:
# - ALL
# readOnlyRootFilesystem: true
# runAsNonRoot: true
# runAsUser: 1000
service:
headless:
name: rabbit-cluster-svc
loadbalancer:
name: rabbit-cluster-loadbalancer
type: NodePort
type: ClusterIP
port: 80
ingress:
enabled: false
annotations: {}
# kubernetes.io/ingress.class: nginx
# kubernetes.io/tls-acme: "true"
hosts:
- host: chart-example.local
paths:
- path: /
backend:
serviceName: chart-example.local
servicePort: 80
tls: []
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
autoscaling:
enabled: false
minReplicas: 1
maxReplicas: 100
targetCPUUtilizationPercentage: 80
# targetMemoryUtilizationPercentage: 80
nodeSelector: {}
tolerations: []
affinity: {}
访问测试
